Sadly, it’s not a matter of if, but when, your organization will experience a ransomware or malware attack. The costs of a cyberattack can be staggering – loss of data, loss of productivity, loss of business, loss of reputation! In this BlogBytes we will discuss strategic methods to prevent or lessen the damage from malware attacks with a little help from LTO technology.
Hospital and Large Shipping Firm are attacked
A ransomware attack on a small hospital cost the hospital $1M (USD) in new equipment and infrastructure investments as well as a risk to the covenant agreement. As reported by the hospital’s chief financial officer in a recent article, “The virus entered the hospital’s system via emails sent 10 months before the cyber criminals asked the hospital for money.” The article highlights that “… it’s not just health-care providers that are at risk. In 2019, state and local governments reported 106 ransomware attacks, nearly double what was reported a year before.”
But obviously, hospitals and municipalities are not the only target: small to large businesses are also vulnerable to a malware invasion. An article in Wired magazine describes the misfortune that befell shipping conglomerate, Maersk, which was hit by the NotPetya ransomware in June 2017, with an estimated cost of $300M in lost revenue. In a gripping eyewitness account, the firm’s former IT security person commented “Just because you know the bad actors are coming, doesn’t mean you leave your front door open and make them a cup of tea when they walk in. You could just lock the door.”
And when leading currency exchange firm, Travelex, was crippled by the REvil virus in early 2020, it took over a month to restore some services with the firm reportedly paying criminals a $2.3M ransom.
Lock Out Cyber Threats
There is a lot at risk, so you need a strategy to prevent and lessen the damage from a cyberattack. As outlined in a National Institute of Standards and Technology (NIST) article, there are some simple steps that you can take to help lock out cyber threats including:
- Limit Employee Access: Limiting access to your valuable company data reduces the chance for human error, which is the number-one information security threat.
- Install & Activate Software and Hardware Firewalls: Firewalls can thwart malicious hackers and stop employees from browsing inappropriate websites.
- Set up Web & Email Filters: to deter hackers and prevent spam from clogging employee inboxes.
- Train Your Employees: to protect valuable data and have them sign your information policy. Use newsletters and/or ongoing training to reinforce your culture of cybersecurity.
- Secure All Wireless Access Points & Networks: this is part of a layered defense to help prevent access to your networks.
As part of the layered defense, make sure that your critical data is backed up and a copy of that backup is offline and encrypted.
Why offline? The answer is simple. If the data is not attached to the network then criminals can’t gain access to infect or steal it. And if it’s encrypted, thieves can’t blackmail you by threatening to publish it online. If you do need to restore your entire network environment, having a clean copy of data that you own and manage is likely to be the cheapest, fastest and most reliable route to recovery without needing to pay extra retrieval costs or be hindered by latency and slow cloud bandwidth.
The Lock on the Door of Defense – LTO Technology
At the Gartner conference in Orlando late last year, Laura Loredo, LTO program representative explained how LTO technology can help lock the door against cyber threats:
“LTO tape is inherently offline. That is, when a tape cartridge is stored it is detached from the system preventing access by program bots, malicious software, system hiccups, and especially hackers and ransomware. If a natural disaster or a cyber-attack were to occur that compromised an organization’s data, the offline LTO tape could be used to restore the information.”
LTO technology also supports Write Once Read Many (WORM) storage to help address information compliance and regulations and supports AES-256 hardware data encryption. You can learn more about LTO data security here.
Cyberattacks are an ever-present danger; therefore, creating a security action plan that includes LTO technology is an essential part of protecting company assets and reputation. See more about the value of tape technology here.